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DETAILED ACTION 

Response to Amendment 

1. In response to communications filed on 1/30/2006, the request for pre-appeal brief has 
been considered and the Final Office Action has been withdrawn. The following claims 1-20 are 
presented for examination. 

2. Applicant's arguments filed 1/30/2006 have been fully considered but they are 
moot in view of a new ground of rejection. 

Claim Rejections - 35 USC §103 

3. The following is a quotation of 35 U.S. C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or 
described as set forth in section 102 of this title, if the differences between the subject matter 
sought to be patented and the prior art are such that the subject matter as a whole would have 
been obvious at the time the invention was made to a person having ordinary skill in the art to 
which said subject matter pertains. Patentability shall not be negatived by the manner in which 
the invention was made. 



3.1 Claims 1-2, 4-5, 9-14, and 16-20 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Wadlow et al. US (6,230,271) in view of Barrett US (6,832,321). 
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As per claim 1 : Wadlow discloses a private network apparatus for connecting a user to an 
external Internet comprising: A plurality of security service pathways each providing a 
respective combination of security service features; (Col 2, lines 40-46 and Col 3, line 56 
through column 4, line 16); discloses pohcy application allowing user to configure security 
features for user traffic that meets the recitation of a service selection dashboard allowing said 
user to select from a plurality of security service features for user traffic to and from said user 
(Col 6, line 37 through Col 7, line 12 and Col 8, Lines 45-67); Col 7-8 provide more detailed 
explanation; Also, Col 4; lines 32-58 and item MW in Figure 1 discloses a Maintenance 
Workstation used to inspect or change the behavior of deyices); a network management server 
coupled to said service selection dashboard for storing a subscriber configuration in response to 
said user selected security service features (Col 8, Lines 45-67); a maintenance router or CSR or 
CLR that meets the recitation of a pass-through router for coupling to said user traffic to said 
external internet independently of said security service pathways (Col 4, lines 36-44), (see also 
application level proxy embodiment Col 8, lines 40-45); a service selection gateway coupled to 
said user for directing said user traffic to and from one of said service selection dashboard, said 
pass-through router, or one of said' security service pathways; and (Col 4, lines 30-32 and Col 9, 
lines 1-35 and Col 9, lines 58-65); an External router that meets the recitation of security service 
router for coupling said security service pathways to said external Internet; (Col 4, lines 35-44) 
• Wherein said service selection gateway directs said user traffic to said service selection 
dashboard if said subscriber configuration is in an initialized state; (Col 8, Lines 52-56) 
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• Wherein said service selection gateway directs said user traffic to a respective one of said 
security service pathways or to said pass-through router in response to said subscriber 
configuration after initialization by said service selection dashboard. (Col 8, Lines 52-56 
and Col 9-10 show different communication pathways between a customer workstation 
and the public network in response to different security configuration by the customer). 
Wadlow discloses a plurality of security service pathways for a user to connect to the Internet 
according to a plurality of security features. Wadlow does not explicitly disclose identical 
architecture but it is suggested that different pathways can be established to apply filtering policy 
between a router and a network interface as well as applications level filtering between the 
source and destination networks as shown in figs. 4-5 and Col 7, Une 48 through Col 8). Barrett 
Barrett teaches the using of a firewall providing different grades of firewall protection (FIG. 6 
and Col 8 lines 25-50) and further teaches that user has the ability to select and specify certain 
types of connection including a default security setting that is automatically select in the event no 
security setting is explicitly selecting. Therefore, it would have been obvious to one of ordinary 
skill in the art at the time the invention was made to include the concept of Barrett and 
implement user configurable setting allowing user to specify conditions for blocking or allowing 
any type of communication or access with outside computers and devices. On of ordinary skill 
in the art would have been motivated to do so because it would provide a security solution that 
doesn't impose one-size-fits-all solution on the users of the network (Col 5, Lines 5-21) and a 
user changeable security setting that would specify which outside computers and network 
devices may access a user computer and what type of access to the user computer is allowed (Col 
5, lines 50-62), 



r 
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As per claim 2: Wadlow discloses the apparatus of claim 1 and a router with a filtering policy . 
that meets the recitation of a firewall wherein said security service pathways include at least one 
pathway having a firewall. (Col 6, Lines 59-64 and Col 8, lines 11-44). 

As per claim 4: Wadlow discloses the apparatus of claim 1 wherein said security service 
pathways include at least one pathway having a content filter. (Col 8, Lines 12-26) 

As per claim 5: Wadlow discloses the apparatus of claim 1 wherein said security service 
pathways include at least one pathway having a firewall and a content filter. (Col 9, lines 59^64; 
shows a modification to a packet-filtering path to enable application and packet filtering). 

As per claim 9: Barrett' discloses using of a firewall providing different grades of firewall 
protection (FIG. 6 and Col 8 lines 25-50). Therefore, this claim is rejected on the same rationale 
as the rejection of claim 1 above. 

As per claim 10: Barrett discloses using of a firewall providing high firewall protection (Col 9, 
Lines 16-21 and Col 8, Lines 27-35 and Col 4, lines 1-7), medium firewall protection (Col 9, 
Lines 16-21 and Col 8, Lines 27-35) and low firewall protection (Col 9, Lines 16-21). 
Therefore, this claim is rejected on the same rationale as the rejection of claim 1 above. 



Application/Control Number: 10/003,816 Page 6 

Art Unit: 2136 

As per claim 11: Barrett discloses using of firewall providing low grade protection by blocking 
outgoing traffic (Col 9, Lines 16-21). Therefore, this claim is rejected on the same rationale as 
the rejection of claim 1 above. 

As per claim 12: Barrett discloses using of firewall providing medium grade protection by 
blocking outgoing and incoming traffic (Col 9, Lines 16-21 and Col 8, Lines 27-35). Therefore, 
this claim is rejected on the same rationale as the rejection of claim 1 above. 

As per claim 13: Barrett discloses using of firewall providing medium grade protection by 
blocking outgoing and incoming traffic not initiated by user (Col 8, Lines 27-35 and Col 4, lines 
1-7). Therefore, this claim is rejected on the same rationale as the rejection of claim 1 above. 

As per claim 14: Wadlow discloses determining from said subscription profile which security 
service features to apply to said user traffic; (Col 8); if said subscription profile for said user 
includes any security service features, then redirecting said user traffic to a particular security 
service pathway of a plurality of security service pathways, said particular security service 
pathway corresponding to said security service features identified by said user profile; and if said 
subscription profile for said user includes no security service features, then redirecting said user 
traffic to a pass-through router for coupling said user traffic to said external internet. Wadlow is 
silent about directing a user to a captive portal; (Col 8, lines 25-49) presenting security service 
features to said user Barrett also discloses a method of providing security service in a network 
interface to an external Internet, said method comprising the steps of Directing a user to a 
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captive portal; (Col 8, lines 25-49) Presenting security service features to said user; (Col 8; lines 
25-49 and FIG. 6) Storing a subscription profile for said user in response to security service 
features selected by said user through said captive portal; ( Col 8, Lines 19-24 and Col 10, lines 
23-29) Receiving user traffic from said user destined for said external Internet at a service 
selection gateway; (Col 8, lines 59-66) Determining from said subscription profile which 
security service features to apply to said user traffic; (Col 9, Lines 16-21) If said subscription 
profile for said user includes any security service features, then redirecting said user traffic to a 
particular security service pathway of a plurality of security service pathways, said particular 
security service pathway corresponding to said security service features identified by said user 
profile (Col 7, line 44 through Col 7); and If said subscription profile for said user includes no 
security service features, then redirecting said user traffic to a pass-through router'for coupling 
said user traffic to said external internet. (Col 9 line 55 through Col 10 Une 8). Although not 
explicitly mention a pass-through router, it is obvious to one of ordinary skill in the art that a 
router can be placed between the server and each network interface as disclosed in Waldow. 
Therefore, claim 14 is rejected on the same rationale as the rejection of claim 1. 

As per claim 16: Barrett discloses the method of claim 15 wherein said firewall services 
comprise selectable grades of firewall protection including a high grade firewall protection, a 
medium grade firewall protection, and a low grade firewall protection. (FIG. 6 and Col 8 lines 
25-50). Therefore, this claim is rejected on the same rationale as the rejection of claim, 1 above. 
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As per claims 17-19: these claims disclose the same limitations as claims 11-13 Therefore, these 
claims are rejected on the same rationale as the rejection of claims 1 1-13 above. 



As per claim 20: Wadlow discloses the apparatus of claim 1 further comprising: a user-side 
switch coupling said service selection gateway to said security service pathways (Col 4, Mines 
44-51 & CSR in FIG 1); and an internet-side switch coupUng said security service pathways to 
said security service router (Col 4, lines 28-43 & ETC, ER in FIG 1). 

4. Claims 3, 6-7, 8, and 15 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Wadlow et al. US (6,230,271) in view of Barrett US (6,832,321) as applied to claim 1 above and 
further in view of Schneider et al. US (6,178,505). 

As per claim 3: Wadlow discloses a plurality of security service pathways including a 
combination of firewall and application filleting but doesn't explicitly show security service 
pathways with a virus scanner! However Schneider teaches the using of antivirus system in a 
network apparatus to provide further protection to users data (Col 42, Lines 10-29). Therefore it 
would have been obvious to one of ordinary skill in the art at the time the invention was made to 
modify Wadlow system with the teaching of Schneider to include virus scanners on the security 
pathways. One of ordinary skill in the art would have been motivated to do so in order to provide 
an additional level of security to the user by ensuring that the transmitted information came from 
authorized source and doesn't contain any viruses. 
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As per claim 6: Schneider teaches the using of antivirus system in a network apparatus to provide 
further protection to users data (Col 42, Lines 10-29). Therefore, this claim is rejected on the 
same rationale as the rejection of claim 3 above. 

As per claim 7: Schneider teaches the using of anti-virus and (Col 42, Lines 10-29) and a content 
fiher system (Col 40, Line 42 through Col 41, Line 29) in a network apparatus to provide 
protection to users data. Therefore, this claim is rejected on the same rationale as the rejection of 
claim 3 above. 

As per claim 8: Schneider teaches the using of anti-virus and (Col 42, Lines 10-29) and a content 
filter system (Col 40, Line 42 through Col 411, Line 29) in a network apparatus to provide 
protection to users data. Therefore, this claim is rejected on the same rationale as the rejection of 
claim 3 above. 

As per claim 15: Schneider teaches the using of anti- virus and (Col 42, Lines 10-29) and a 
content filter system (Col 40, Line 42 through Col 41, Line 29) in a network apparatus to provide 
protection for users. Therefore, this claim is rejected on the same rationale as the rejection of 
claim 3 above. 



Conclusion 
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5. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Carl Colin whose telephone number is 571-272-3862. The 
examiner can normally be reached on Monday through Thursday, 8:00-6:30 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 571-272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published appHcations 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov . Should you have questions on access to the Private 
PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 

Carl Colin 
Patent Examiner 



